Methods and apparatus for providing attestation of information using a centralized or distributed ledger

ABSTRACT

Methods and apparatus for providing authentication of information of a user are described. Upon validation of this information, a first hash function is applied to the user&#39;s information to create a hash. A public attest key is generated by combining the hash of the user&#39;s information with one or more public keys. An attestation address is generated based on the public attest key. A signed transaction which includes the attest key is communicated for storage in a centralized or distributed ledger at the attestation address.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority to U.S. Provisional Patent Application No. 62/330,097 filed on Apr. 30, 2016, entitled “Decentralized Personal Information Authentication System,” which is hereby incorporated by reference in its entirety herein.

TECHNICAL FIELD

The present disclosure relates generally to techniques for providing attestation of information with use of a centralized or distributed ledger.

BACKGROUND

Existing methods of validating information and identity and maintaining information and identity security have numerous weaknesses. For instance, the leaking of private user information, such as a social security number (SSN) or credit card number, makes it possible for malefactors to imitate another person and to perform unauthorized transactions on their behalf. Security breaches resulting in leaks of this type of information have become commonplace with large retailers.

Identity verification is often overly reliant on communication networks that are unreliable. When the network goes down or has insufficient connectivity, transaction systems can be completely inhibited causing loss of funds in a retail context and causing tremendous delays in other transactions. Information verification is also often reliant upon physical documents that can be counterfeited. Identity verification is often reliant on mere knowledge of personal information, especially in scenarios where the person is not present to prove identity, such as phone calls or online.

Attempts to use personally identifiable information (PH) are inconsistently protected by vendors. For example, attempts to use a person's SSN to apply for new credit are often reported to that person only after a credit inquiry has been performed. As a result, in the case of a fraudulent use of a SSN, victims are often informed after some or all of the damage has occurred, if they are informed at all.

Accordingly, there remains a need for improved devices, systems, and methods for protecting the use of user identity and for securely providing personal information.

SUMMARY

A method of providing attestation of information by an attestor is provided, including receiving the information and a public key generated for the information; applying a hash function to the information to create a hash; combining the hash of the information with the public key generated for the information to generate a public attest key; generating an attestation address based on the public attest key; and communicating a signed transaction to a centralized or distributed ledger for storage at the attestation address.

In some embodiments, elliptic curve addition is used to combine the hash of the information with the public key generated for the information to generate the public attest key.

In some embodiments, the public attest key is generated by using the hash of the information as an offset and using the public key generated for the information to generate the public attest key. In some embodiments, generation of the public attest key by using the hash of the information as an offset is performed in a manner compliant with the Bitcoin BIP32 standard for hierarchical deterministic wallets.

In some embodiments, generating the attestation address comprises combining two or more public keys of potential signers utilizing a multi-signature script which implements the Pay to Script Hash (P2SH) function. The public keys of potential signers can include one or more of the public attest key, a public key of a wallet provider, a public key of the attestor, and a recovery public key of a user.

In some embodiments, generating the attestation address for a single signature transaction includes applying a second hash function to the public attest key. The second hash function can include the P2PKH algorithm.

In some embodiments, generating the attestation address for a multiple signature transaction includes generating a redeem script using the public keys of the multiple signatories, serializing the redeem script to create a serialized output, applying a second hash function to the serialized output to create a second hash, and applying a third hash function to the second hash. The second hash function can include the SHA256 algorithm, and the third hash function can include the RIPEMD160 algorithm.

In some embodiments, the centralized or distributed ledger is the bitcoin blockchain.

A data block for providing attestation of information associated with a transaction for storage in a centralized or distributed ledger is provided, including a public attest key generated by applying a hash function to the information to create a hash, and combining the hash of the information with a public key generated for the information; and an attestation address for storage of the transaction on the centralized or distributed ledger based on the public attest key.

In some embodiments, elliptic curve addition is used to combine the hash of the information with the public key generated for the information to generate the public attest key.

In some embodiments, the hash of the information is used as an offset with the public key generated for the information to generate the public attest key.

In some embodiments, the attestation address is generated by combining two or more public keys of potential signers utilizing a multi-signature script which implements the Pay to Script Hash (P2SH) function. The public keys of potential signers can include one or more of the public attest key, a public key of a wallet provider, a public key of the attestor, and a recovery public key of a user.

In some embodiments, the attestation address for a single signature transaction is created by applying a second hash function to the public attest key. The second hash function can include the P2PKH algorithm.

In some embodiments, the attestation address for a multiple signature transaction is created by generating a redeem script using the public keys of the multiple signatories, serializing the redeem script to create a serialized output, applying a second hash function to the serialized output to create a second hash, and applying a third hash function to the second hash. The second hash function can include the SHA256 algorithm, and the third hash function can include the RIPEMD160 algorithm.

BRIEF DESCRIPTION OF THE DRAWINGS

The foregoing and other objects, features and advantages of the devices, systems, and methods described herein will be apparent from the following description of particular embodiments thereof, as illustrated in the accompanying drawings. The drawings are not necessarily to scale, emphasis instead being placed upon illustrating the principles of the devices, systems, and methods described herein.

FIG. 1 is a diagram illustrating a system for providing attestation of information, using a centralized or distributed ledger in accordance with exemplary embodiments of the disclosed subject matter;

FIG. 2 is a block diagram illustrating various protocols which may be used for the attestation and verification of information in the system in accordance with exemplary embodiments of the disclosed subject matter;

FIG. 3 is a flow diagram of one implementation of a process for attesting to information;

FIG. 4 is a flow diagram for one implementation of a process for the verification of information;

FIG. 5 is a flow diagram for one implementation of a process to revoke some or all of previously attested information;

FIG. 6 is a flow diagram for one implementation of a method for creating a user account for attestation;

FIG. 7 is a flow diagram for one implementation of a process for using the verification protocol for purchasing goods online;

FIG. 8 is a flow diagram for one implementation of a process for using attested information and the verification protocol for purchasing goods online;

FIG. 9 is a flow diagram for one implementation of a process for using the verification protocol when offline;

FIG. 10 is a flow diagram for one implementation of a process for using a verification protocol for logging into a website;

FIG. 11 is a flow diagram for one implementation of a verification protocol utilized for creation of a new user account at a website;

FIG. 12 is a flow diagram for one implementation of a method of validating information during account creation;

FIG. 13 is a flow diagram for one implementation of a method for notification of a user when information that belongs to that user is being used to attempt a transaction; and

FIG. 14 is an illustration of a display presentation or identification card which includes various personal identification information for use in the system in accordance with exemplary embodiments of the disclosed subject matter.

DETAILED DESCRIPTION

Methods and apparatus for use in providing authentication by an attestor of personal identification information of a user are described herein. In one illustrative example, the user's personal identification information is received. Upon validation of this information, a first hash function is applied to the user's personal identification information to create a hash. A public attestation key is generated by combining the hash of the user's personal identification information with one or more public keys which includes a public key of the user. In one implementation, an attestation address is generated by applying a second hash function to the user's public key. A signed transaction which includes the public attestation key is generated and communicated for storage in a centralized or distributed ledger at the attestation address. The signed transaction in the ledger may be verified by a third party.

The embodiments will now be described more fully hereinafter with reference to the accompanying figures, in which preferred embodiments are shown. The foregoing may, however, be embodied in many different forms and should not be construed as limited to the illustrated embodiments set forth herein.

All documents mentioned herein are hereby incorporated by reference in their entirety. References to items in the singular should be understood to include items in the plural, and vice versa, unless explicitly stated otherwise or clear from the context. Grammatical conjunctions are intended to express any and all disjunctive and conjunctive combinations of conjoined clauses, sentences, words, and the like, unless otherwise stated or clear from the context. Thus, the term “or” should generally be understood to mean “and/or” and so forth.

Recitation of ranges of values herein are not intended to be limiting, referring instead individually to any and all values falling within the range, unless otherwise indicated herein, and each separate value within such a range is incorporated into the specification as if it were individually recited herein. The words “about,” “approximately,” or the like, when accompanying a numerical value, are to be construed as indicating a deviation as would be appreciated by one of ordinary skill in the art to operate satisfactorily for an intended purpose. Ranges of values and/or numeric values are provided herein as examples only, and do not constitute a limitation on the scope of the described embodiments. The use of any and all examples, or exemplary language (“e.g.,” “such as,” or the like) provided herein, is intended merely to better illuminate the embodiments and does not pose a limitation on the scope of the embodiments or the claims. No language in the specification should be construed as indicating any unclaimed element as essential to the practice of the embodiments.

In the following description, it is understood that terms such as “first,” “second,” “top,” “bottom,” “up,” “down,” and the like, are words of convenience and are not to be construed as limiting terms unless specifically stated to the contrary.

Described herein are devices, systems, and methods for identity verification, risk reduction for transactions, and authentication of data. Although the following description may emphasize devices, systems, and methods for personal information authentication, the implementations may also or instead be used for other types of entity authentications such as authenticating an autonomous vehicle, a robot, and so forth. Further, the devices, systems, and methods described herein may be adapted for use for authenticating life forms other than humans, including without limitation, pets, wildlife, livestock, and the like. More generally, the systems may be adapted for use with any corporation, company, entity, life form, moveable item, or the like that might be usefully present itself for verification and so forth. In an implementation, any datum or anything that is capable of being authenticated, verified or proven can be used in the various devices, systems, and methods discussed herein.

In several embodiments, the devices, systems, and methods are applied to the “Bitcoin” network which provides a digital cryptocurrency system. However, the devices, systems, and methods may alternatively be applied to other suitable networks and environments as well.

Some examples of the various participants in the system are described below.

A user may include without limitation a living person, a citizen, a legal entity, an autonomous vehicle, an autonomous device, a robot, a corporation, an organization, a company or partnership or other legal entity that can execute contracts, an agent or representative, an ambassador, a state, a city, a nation, a county, a party to a transaction, a group, a military, a government, a household, and the like. A user may also be an entity who cannot enter into binding contracts by statute or who has another set of rights different from a natural person. A user may also or instead include a child, a minor, an infant, a pet, an animal, a living thing, a collection of cells, an organism, or the like. A user may be an inanimate object, a parcel, an air, a sea, a land, a space craft, and the like.

An attestor may include without limitation an attestation site or device, a company, a person, a computer-implemented algorithm, a decentralized computing system, and the like. An attestor may include a country, a government, a society, a tribe, a hospital, a birthing center, a census bureau, a parent, a creator, a source, a witness, a neighborhood, a district, a town, a county, a state, a prefecture, a state, a province, a nation-state, a nation, a parliament, a military organization, a family, a community, a government, a militia, a police force, a group, a faction, a club, an ambassador, an embassy, a home, and the like. An attestor may also or instead include an independent third party observer, a natural person, an artificial person, a machine, an online service, a software service, an online application program interface (API), a client-server application, a desktop application, a mobile application, and the like.

A validator may include without limitation a validation site or device, any user or attestor, a border agent, a peace officer, a military post, an officer, a Transportation Security Administration (TSA) agent, a hotel clerk, a merchant, a transaction partner, a seller, a buyer, a credit verification agency, a bank, a store, a partner, a companion, an employee, an employer, and the like. A validator may include someone or something into which a relationship has been entered. A validator may include someone or something into which a relationship is still prospective. A validator may include a potential personal partner or mate. A validator may include without limitation an Identity Validation Service Provider, a biometric device, any entity who knows a user personally, a notary, a credit reporting agency, a government, a school, a relative, another user, and the like. A validator can also be a robot, and autonomous vehicle, and the like. A validator may include without limitation someone or something that confirms the validity, accuracy, ownership, or other proprietary aspect of information or property belonging to a user.

A merchant may include without limitation a place of business or commerce that offers products or services to users or other merchants, and who has a need to know with certainty that the user is authentic, and/or that the information presented by the user is authentic and belongs to that user, and/or that the property that the user claims to be their own actually belongs to the user. An Identity Validation Service Provider may include without limitation a person or object or business that provides the service of confirming a user's information that the attestor will attest to is valid and real and belongs to the user.

A digital wallet is a collection of keys that controls digital assets or funds. It may allow a user to make electronic commerce transactions easily and securely. A digital wallet may support a multisig script, in other words the wallet may be able to take multiple keys to create an attestation address. A digital wallet that will support multiple keys can be called an M-of-N digital wallet. Such a wallet accepts N distinct keys from N different parties, and M of these keys are sufficient in order for the digital wallet system to compute the encryption key in order to perform a transaction. An example of an M-of-N digital wallet is a 2-of-3 digital wallet. M and N can also be the same number, i.e. one (1).

A digital wallet provider is a provider that stores a user's digital wallet on the user's behalf, usually on a remote server, so that the information is easily accessed from anywhere. For the purposes of this application the user can also have their own custom digital wallet that can exist on their own phone or device and not on a remote server. Additionally, the user's own digital wallet can be backed up to a third party website or service. A third party cosigner is a party that participates in making a transaction with a multisig wallet that requires signatures from M of N keys before the attestation is finalized and broadcast to the blockchain network.

A site may include without limitation a website, a cloud service, a server, a distributed cloud service, a SaaS application, a decentralized application, a hosted service, an application, a mobile application, or the like. A site may include a banking site, an e-commerce site, a merchant site, a governmental site, a personal site, a social networking site, a messaging site, a search site, a news site, an information site, or the like. A site may include a physical location where a transaction is attempted in person, such as a retail establishment. When a site is a physical location, data may be sent between devices without a local or wide area network, for example through personal area network technologies such as Bluetooth, Near-Field Communication (NFC), sounds, the use of special cryptographic images that get scanned on the screen, and the like. Information may also be sent through wide area networks, such as cellular and other wireless networks. At a site that is a physical location, the exact same mechanism can be used to connect the two end points together, for example where a Quick Response (QR) code tells the device which endpoint to send identity data to. A site that is a physical location may use web based devices, applications, or other devices onsite to read and confirm identity so that it is essentially the same as if it was being done online. A site may also include a location or destination in a virtual world, or may exist in an overlay created with an augmented reality system. A site may move with the motion of a user or be stationary and fixed with respect to a map. A site could be anything or anywhere you want to be identified, for instance a place, real or virtual, where you need to show identity or use identity. Further examples include a Border Crossing or Customs Entry point, a security checkpoint for travel, such as a Transportation Security Administration (TSA) Agent/Checkpoint, a Global Entry Kiosk, and the like. A site may also include specialized systems for comparing data with private databases. For example, at a Border Crossing site, images that might represent for example a person's fingerprints, may be stored on a phone and then transferred via a secure data transfer mechanism. The site could use these images as though the person had actually been onsite.

An application, also called an app, may include without limitation any mobile, desktop, kiosk-based, cloud-based, home, enterprise, server, client-server, SaaS, embedded, neural, microcontroller-based, firmware-based, chip-based, chemically-executed algorithms, software, procedures, methods, or techniques or the like running on a computing platform that can execute instructions and process inputs to produce outputs. An app may run on a smartphone, tablet, laptop, desktop, in a watch, in a headset, an automobile, a kiosk, a wearable device, a subdermal computing implant, a smartcard, a SIM card, a microcontroller, or the like.

A communication channel is any method of exchanging information between two parties. This could include a wired link, a wireless link, a person to person wireless link such as Bluetooth or NFC, or an in person exchange. It is understood that there is a plethora of different protocols that can be used to exchange information over a communication channel. A preferred communication channel is the communication channel that a user chooses to use before trying other communication channels. The preferred communication channel may be context or circumstance dependent.

Information may be or include personal information, personal identification information (PII), data or user data, and may include without limitation any personally identifying data or representations of personal information. Personally identifiable information (PII), or sensitive personal information, especially as used in U.S. privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Personally identifiable information may include one or more information items, including full name, home address, telephone number, social security number (SSN), credit card numbers, date of birth, birthplace, driver's license number, e-mail address, national identification number, passport number, user ID, login name or usernames in messaging, social media, and other applications, passwords or personal identification numbers (PINs), IP addresses, vehicle registration plate number, face, fingerprints, retinal scan, handwriting samples, biometric data, digital identity, and genetic information.

Information may include physical documents representing personal information, such as passports, social security cards, green cards, driver's licenses, college degrees, diplomas, training certifications, marriage licenses, court documents, titles, deeds, chains of title, and the like. information may include the data contained in physical documents, the data represented by those documents, any data proven by those documents; the identity of a person, the names of a person; the status of a person with respect to statutes such as minor, adult, emancipated minor, resident alien, citizen, dual citizen, male, female, uni-gendered, bi-gendered, non-gendered, veteran, retiree, pensioner, alumni, widower, parent, child, relative, indigenous race, native, protected class, member of a club, group, society, or service, and the like. information may also include authenticating metadata about any such personal information, proofs or attestations from others about the validity of that information, and the like.

As is known in the art, asymmetric or public key cryptography uses public and private keys to encrypt and decrypt data. The keys are large numbers that have been paired together, but are not identical, and are called a cryptographic asymmetric key pair. One key can be shared with everyone, and this is called the public key. The other key in the pair is kept secret, and is called the private key. Either of the keys can be used to encrypt a message; the opposite key is used to for decryption. Different system participants all may have a public key. For example, an attestor may have a public key, a verifier may have a public key, and a third party cosigner may have a public key.

A cryptographic hash function or “hash” is a mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size. It is designed to be a one-way function. The only way to recreate the input data from an ideal cryptographic hash function's output is to attempt a brute-force search of possible inputs to see if they produce a match.

A digital cryptocurrency is a medium of exchange similar to normal currencies, but designed for the purpose of exchanging digital information. Cryptography is used to secure the transactions and to control the creation of new units of currency. The first, and best known cryptocurrency is Bitcoin.

Digital cryptocurrency dust or “dust” refers to a very small or the smallest possible transaction. Too many very small transactions would congest network resources, so the network typically charges a transaction fee to process small value transactions. In the context of this application, dust is the smallest possible value required in order to achieve a transaction. It may not be a fixed amount. This small currency amount is distinct from the transaction fee. Dust refers only to the minimum financial amount of cryptocurrency as per the rules associated with the specific distributed ledger (for example, but not limited to, the Bitcoin network). The fee charged for processing such a transaction might be a fixed fee or might be a percentage of the transaction size or may be determined by some other method. Some distributed ledgers might not have a minimum transaction size and might not charge a transaction fee. In general, dust may have no financial value and could be any parameter that is required for a valid transaction to propagate through the network.

A transaction is used to transfer an amount of cryptocurrency (e.g. dust) that contains all necessary attestations, moving data between different keys or different digital wallets. A transaction is always for the purpose of creating new hashes and putting them in a user's digital wallet, or for revoking previously-attested data and removing such data from a user's digital wallet.

A digital ledger is a digital record of who-owns-what. A centralized ledger or centralized database is a system where data is stored in a master database with a single point of control. There is a gatekeeper party that alone acts on behalf of clients to modify the system state. Bitcoin makes use of a distributed ledger called a blockchain. A distributed ledger is fundamentally different from a centralized ledger. In a distributed ledger, any party on the network has access to the ledger. Authorization, rather than being a function that is added onto the system at the end, is built into the lowest level of the stack. The distributed ledger is replicated among many different nodes in a peer-to-peer network, and a consensus algorithm ensures that each node's copy of the ledger is identical to every other node's copy. Asset owners must use cryptographic signatures to make transactions on a digital ledger.

An attest key is a key that is created using hashed data which consists of or is derived from information, combined with a public key. The information that is hashed and used to create the attest key may be something as simple as the user's name. Alternatively, the hashed data used to create the attest key may be a combination of information, such as a user's name and date of birth. Alternatively, the hashed data used to create the attest key may be comprised of derived data. For example, the user information may include a person's date of birth, and the hashed data includes not only the date of birth, but also a statement or indication that the user's age is greater than 21 years. The creation of the hash of the data for the attest key may be performed using a merkel tree solution, a one-way accumulator, or any other suitable cryptographic algorithm that could create a one-way or irreversible hash.

A public attest key combines the aforementioned hashed data, comprising or derived from the user information, combined with a public key.

A private attest key combines the aforementioned hashed data, the data comprising or derived from the user information, combined with a private key.

An attestation address is the address at which the transaction can be found on the distributed ledger. For a single signature transaction, a hash function can be applied to the public attest key. In some embodiments, the hash function is the P2PKH algorithm. An attestation address may be a multisig attestation address, which in one implementation is a result of the public attest key being signed with the attestor's public key and the public keys of all cosigners according to an M of N multisig redeem script cryptographic signing protocol. Potential cosigners can include, but are not limited to, the wallet provider, the attestor, and the recovery public key for the user's wallet. Funds sent to the attestation address may only be spent or revoked if M-of-N cosigners sign a transaction spending from the attestation address. In another implementation, the multi signature process is achieved by creating a contract stating the number of and actual public keys required. In another implementation, a multisig attestation address comprises two or more public keys and is created using the Pay To Script Hash (P2SH) protocol. According to some embodiments, a redeem script is generated using the public keys of the multiple signatories, the resulting redeem script is serialized to create a serialized output. A hash function, such as the SHA256 algorithm, is applied to the serialized output to create a second hash. Subsequently, a further hash function, such as the RIPEMD160 algorithm, is applied to the second hash to generate the attestation address.

A digital signature is used to verify a message. The attestation address is a digital signature. A party can check that the attested information is genuine by hashing the message verifying that a signature was produced from a party controlling a private key that is represented by a known public key. This is a standard implementation of ECDSA to compare signatures. A certificate may be used to bind public keys to persons or other entities, i.e. to provide assurance that the public key belongs to the entity. The certificate itself is typically signed by a trusted third party or Certificate Authority (CA), for example, Verisign.

A cryptographic nonce is an arbitrary number used only once in a cryptographic communication. The nonce may be a random or pseudorandom number, or may include a timestamp to ensure that the nonce is only used once. The cryptographic nonce may be used to introduce more entropy into a hash. Hashed user data which is used to create the attest key may be placed in a predetermined or standardized format for consistency for when it is hashed again in the future.

Various novel system protocols will now be described. In the context of the devices, systems, and methods described herein, a user may have information they wish to convey to another party, with the desire that the other party trust or rely upon the validity of the information. To establish this trust, the user and the other party may participate in an information delivery protocol that assists the other party in deciding if the user's information is authentic, valid, or actionable. The other party may perform a verification protocol as part of the information delivery protocol.

In an aspect, an attestation protocol may be performed by an attestor to attest to the validity of the information provided by the user. The attestor may perform the attestation protocol in order to authenticate the user's information and to create an attestation transaction on a centralized or distributed ledger, which serves as a certification that the user's information has been authenticated. As part of the attestation protocol, the user's key is serialized and available in the attestation transaction. Just as a traditional Certificate Authority may be considered a form of key exchange, the protocol can be used for ephemeral key exchange, as is used in encrypted communications. As part of the attestation protocol, once an attestor has learned and has validated the identity of a user and/or the user's information by performing a validation protocol, the attestor may certify the user's information and associate it with the user's validated identity by using a signing protocol, which creates an attestation transaction comprising the user's information onto a centralized or distributed ledger.

In one embodiment, the attestation protocol requires the attestor to apply a cryptographic hash function, such as the SHA256 cryptographic hash function, to data comprising some or all of the user's information or data derived from some or all of the user's information. The attestor then combines this “hash” of the data derived from the user's information with the user's public key to create the attest key. As part of the attestation protocol, a validation protocol may be performed by a validator. The validation protocol describes how the validator authenticates the information provided by a user to an attestor. The validator may, for example, inspect the information provided by the user. The validator may employ multi-factor authentication to ascertain that the user controls the user's provided communication channels. The validator seeks to establish a degree of confidence that the user is who they claim to be, or that the information the user wishes to convey to another party is authentic, or that the user has control or possession over the property or rights they assert. The attestor may perform the role of the validator, or alternatively the validator may be a third party, distinct from the attestor and the user. Also alternatively, both the attestor and a third party may perform different functions of a validator. The attestor may, as part of the attestation protocol, with or without the cooperation of a third party cosigner, create an attestation transaction on a centralized or distributed ledger representing the attestor's attestation to the validity of the user's information. Where there is no third party cosigner involved in the attestation protocol, the location of the attestation transaction in a centralized or distributed ledger is called the attestation address. Where there is one or more third party cosigners involved in the attestation protocol, the location of the attestation transaction in the centralized or distributed ledger may be called the attestation address or the multisig attestation address.

When some user information has already been attested to, and now the user wants the attestor to attest to more information, the novel approach allows for an addendum to be attest to the already attested data. Because of the way the attest key is generated, the user information is contained in a record which is a transaction that can be spent. In order to modify this attestation, the transaction can be spent back to the same address and can be combined with new information into a new transaction. Alternatively, an entirely new transaction can be entered onto the distributed ledger, which would allow the changing of data that was previously attested to.

Similarly, if the user wanted to revoke only part of the attested information, then the transaction may be revoked by spending the dust, and a new transaction with updated user information may be written. This allows attested information to change, for instance, if the user moves and has a new home address, or changes their telephone number.

As described earlier above, the creation of the hash of the data for the attest key may be performed using a merkel tree solution, a one-way accumulator, or any other suitable cryptographic algorithm that creates a one-way or irreversible hash. This is effectively the data model for creating hashes representing the data being attested to. This allows for the storage of multiple attestations, and variations of the attestations, in a single transaction. For example, one may store a birthdate, as well as day, month, and year, all within a single hash, yet provide only the one requested plus all the other hashes to resolve the hash that is ultimately stored. Revoking or editing doesn't change how this works. For example, if one needed to update the address, a completely new transaction with the updated address would be created and compiled using one of the specified hashing algorithms, which revokes the old data. The dust is spent at a new address in the user's control. This effectively revokes the old data (as it will now be spent) and creates a new attestation. Revoking a part of a key transaction is exactly the same as compiling a new hash with only the attested data, but excludes the revoked components from the tree or accumulator or other utilized mechanism. Advantageously, the use of either merkel trees, accumulators, or other suitable mechanism allows for a reduction in or minimization of the number of transactions required to store the attestations on the ledger or blockchain. This is not required, however, and could also be done by simply creating a hash for each individual item being attested to. One could imagine, however, that if an example containing age and various components of a birthdate, one would need at least five individual transactions instead of just one transaction.

The current state of the art for storing data on the Bitcoin blockchain is to use OP_RETURN. OP_RETURN is a script opcode used to mark a transaction output as invalid. Since the data after OP_RETURN are irrelevant to the payment system of Bitcoin, arbitrary data can be added into the output after an OP_RETURN. Currently, the default Bitcoin client relays OP_RETURN transactions up to 80 bytes, but does not provide a way for users to create OP_RETURN transactions. Some members of the Bitcoin community believe that the use of OP_RETURN violates the contract of Bitcoin, since bitcoin was intended to provide a record for financial transactions, not a record for arbitrary data. The practice using OP_RETURN continues for now because OP_RETURN is reasonably efficient in terms of data bytes stored as a fraction of blockchain space consumed. However, one drawback is that there is a strong sentiment against using certain blockchains for the purpose of storing data. This means that the tolerated but invalid transaction may not always be available for use.

In contrast to storing data with use of OP_RETURN, storing information in an attestation transaction as described herein has the significant advantage that it is safeguarded against changes in the bitcoin protocol, as theoretically the bitcoin community could remove the ability to use OP_RETURN.

An additional advantage of using the attestation protocol to store information relates to the unspent transaction output cache. When OP_RETURN is used, there are no entries created in the unspent transaction output (UTXO) cache. This makes it much harder to locate the information on the blockchain. Additionally, since there is no currency associated with this transaction, once the transaction is on the blockchain, it only represents data and can no longer be spent. Therefore, the data cannot readily be revoked or updated. In contrast, storing information in an attestation transaction as described herein has the significant advantage of making it easier for people to check if a transaction is still valid. In order to find a valid transaction, a party simply has to look in the UTXO cache. If the transaction can be found there, then the transaction (i.e. the attestation) is still valid.

On the other hand, transactions using OP_RETURN to store data cannot be spent, as they are not actually valid transactions. Therefore, the data associated with OP_RETURN do not exist in the UTXO cache. That means, in order to revoke information that was stored using OP_RETURN, a revocation OP_RETURN transaction would have to be placed on the blockchain (and the party would need to know how and where to find it) or a third party system would need to be referenced. In other words, the only way to revoke or update data stored on the blockchain using OP_RETURN is to find another similar record on the blockchain that updates the first record, which would be difficult and time consuming.

One novel technique described in the present disclosure realizes a different way of storing data on a blockchain, through the creation and use of an attest key. The attest key approach described herein is compatible with the secure bitcoin blockchain system, and with all existing standards as well as the Bitcoin Implementation Protocol. This means that the attest key approach, because it doesn't violate any protocols, is viable today and permanent. The attest key approach is also usable with other distributed ledgers.

Furthermore, the attest key approach is inexpensive. In hashing user information with a key to create the attest key, which is a new key, the length of the data record is not increased. Storing a longer data record would mean that one would need to pay more to have the record processed such that it could be added to the blockchain. Another advantage is Unspent Transaction Outputs (UTXO) as previously described. To keep track of the pool of UTXOs, you only need to store a subset of the distributed ledger, which is a big advantage for mobile or portable devices. In another aspect, use of an attestation protocol, a validation protocol, a verification protocol, or any combination of these protocols, may reduce the complexity of a user logging into sites and performing transactions between users and site owners. A user attempting to log in to or create a new user identity or authenticate an existing user identity at a site may use an application to log into the site. Using the application, the user may perform this function by scanning or recording still or animated content at that site, provided by the site. That action immediately just logs them into the site and passes the site all the data that it requires. As this data is attested to, the site is able to verify the information using the verification protocol, and then knows it is getting authenticated information (the information is authenticated by the attestor who signed the attestation transaction on the distributed ledger). Because the information is attested to, the site can trust the information more, which reduces or eliminates the amount of verification that the site needs to do. This also means that the user experience is simplified as they don't have to type all the info again to do things like open accounts, enter financial information, etc.

In another aspect, an attestation protocol and/or a validation protocol and/or a verification protocol may be used to transfer data belonging to a user. One example might be a user's medical records. These records may be tied to the user and stored on the user's mobile device. The user can use the protocols described herein to send this information to a recipient. In general, the protocols described herein can be used to transfer any data for any purpose in a trusted and secure manner.

User information does not always have to be authenticated by a third party attestor. Self-attestation of information is possible, and any information can be transferred using the protocols described herein. It is up to the recipient of the data to decide what level of trust is required for each item of data received. The data transferred does not have to be attested to in any way on the blockchain, as that is needed only in the case when the user wants to verify independent attestation.

In another aspect, a user goes to make a business transaction, for example but not limited to, purchasing a product at a site where the user does not have an account and does not want to open an account. The site may be, for example, a store or an e-commerce site. The site displays an icon or other indication that the user may make their business transaction or purchase using the attestor. The site may display a barcode or a QR code or some other code that can be scanned by a user's device, or the site may otherwise communicate with the user's device. If the site displays a code that can be scanned, the user may scan the code with their mobile device. The user may open an application from the attestor to scan the code. The user may have an attestor application that is running in the background and that can detect if there is direct communication between the site and user's device.

The user's device, through the attestor application or through other means, establishes a direct link to the site that is looking to verify the user to allow the user to make the business transaction or purchase. The direct link may be a URL. Through this direct link between the user and the site, the verification protocol takes place between the user and the site. The site is able to get the needed user's information from the centralized or distributed ledger. The site then uses the cryptographic nonce as a challenge nonce to check that the user is the same user that signed the original attested information. The site is therefore able to approve the business transaction or purchase, where the user did not have to send them any information or open an account.

The user may also or instead receive, from the site, information identifying that site by another means, such as but not limited to a QR code or a moving image, for example audio, a wireless networking protocol, radio frequency signals, or visual spectrum data transmission techniques. The user may also or instead enter an address such as a uniform resource locator (URL). The application may allow the user to select only the user information they wish to provide to the site, or the application may tell the user what specific information the site is requesting and enable the user to allow that information to be provided to the site. The user may, using an application or directly with the site, according to a verification protocol, provide the specific information and public keys to the site and the site may, following the verification protocol, be able to immediately and without requesting further information from the user, allow the user to log in, create a new user identity, or authenticate an existing user identity with the site. The site may be able to allow these or other user functions, such as the transfer of data, without consulting any attestor directly, because the design of verification protocol may not require involvement of an attestor at the time that user verification is needed, yet the verification protocol may provide a provable, auditable positive verification of the authenticity of the user's information.

In another aspect, because of the ability to incorporate multi-party signing in the attestation protocol, a site may still be able to verify the authenticity of a user's information if an attestor's security is compromised and even if an attestor ceases to operate, e.g., due to bankruptcy or abandonment. A site may be able to continue to locate an attestation transaction in the centralized or distributed ledger according to a verification protocol until such time as the attestation of the user's information is revoked via a revocation protocol.

In another aspect, an attestor may, in cooperation with a user, or in cooperation with a third party cosigner to the user's attested information but not alone, use the revocation protocol to revoke an attestation for a user's information. A user can do this with cooperation of an attestor or a third party, and a third party can do it with cooperation of the user or the attestor. In general, transactions can require M of N signatures, or just one signer. It may be the case that an attestor does not want to have revocability, and leaves it entirely up to the user to manage and revoke their information. In this case, the attestor simply sends a standard transaction to the user. Alternatively, the attestor might want multiple parties to have to concur when revoking an attestation, for example 3 of 5 parties.

In another aspect, even if an attestor is compromised, no fraudulent attestations of user information may be performed because an attacker still lacks the user's and third party cosigner's private keys. In other words, even if someone got control of the attestor's keys to sign transactions, they couldn't independently go and issue fraudulent attestations on the distributed ledger because they would need a second signature in order to do so. The second signature would be that of the third party digital wallet provider or the user who owns the data.

The verification protocol is now described. A user may submit information to a third party in response to a third party data request, and the third party (the verifier) needs to verify the authenticity of this user information. The verifier may, without a need to contact a central provider of trust, employ a verification protocol to verify information provided by a user, where the user has previously had the information attested to by an attestor as part of an attestation protocol. Using for example, one or more of an application, a website, and an attestor API, the verifier may satisfy itself that the information provided by the user is authentic by re-deriving the attestation address of an attestation transaction, and seeing that the attestation transaction exists in the centralized or distributed ledger at the attestation address. A verifier may provide unique, time-sensitive information, such as a cryptographic nonce, to the user who then may sign the information using the signing protocol with the user's private attest key as may be required. The verifier may, in this way, ascertain that this attested information belongs to the user or is in the current control of the user. The verifier ascertains this by verifying the signature using the public attest key corresponding to the attestation transaction associated with the user's information. The attestation transaction should spend some amount to the attestation address, confirming that the transaction is signed by a trusted attestor's key, which affirms that the transaction in the centralized or distributed ledger is valid, and that the proffered user information is authentic.

In another aspect, a user may want to keep track of when their information is accessed or used and may want to be able to proactively authorize or deny the invocation or use of that information. An attestation site, website, or application controlled by an attestor may allow a user to register and create an identity and to submit their information such as a social security number. The attestor may perform an attestation protocol in order to authenticate the user's information and to create an attestation transaction on a centralized or distributed ledger, which serves as a certification that the user's information has been authenticated. The attestor may also perform a validation protocol to ascertain that the user is not fraudulent and that the submitted information is authentic. The validation protocol may use third party Identity Validation Service Providers such as ThreatMetrix® to authenticate the user's information. An attestation site website, or application controlled by an attestor, performing a validation protocol, may call, text, phone, message, or send physical mail to addresses provided by the user. The attestation site, website, or application controlled by an attestor performing a validation protocol may receive pictures or scans or radio frequency identification (RFID) readouts or infrared captures of user's identifying documents. An attestor performing a validation protocol may receive authenticated information or biometric information from a device, which could be a user device, or perhaps a fingerprint reader at an FBI certified fingerprint collection point, which may be an attestor.

An attestation site, website, or application controlled by an attestor may provide an API to other third party sites so that the third party sites can notify a user via an attestor application or website, in a proactive manner, when the user's information is being accessed. For instance, a bank site may be allowed to get a hold of a user by sending the SSN of the user to the attestor. Because the attestor knows the user, the attestor can send the user an alert over a communication channel saying that their SSN is being used.

As an example, a user may attempt to apply for credit at a banking site online or offline. A user may provide a social security number (SSN) to the banking site. The banking site may use the attestation API to submit the SSN to the attestor. The attestor may use preferred contact information it has for the authenticated user of that SSN in order to reach out to that user and verify that the user intended to apply for credit. The attestor may require the user to affirmatively communicate a response to the attestor or to the third party (in this case the banking site) authorizing or denying the application for credit.

In another aspect, any of the attestation protocol, validation protocol, or verification protocol described herein may be used instead of a traditional certificate authority (CA) vendor. The portable attestation transaction that an attestor and user creates using these protocols may be used to provide a prospective communication partner or transaction partner with positive identification in lieu of a central authority. As a result, participants in a transaction or communication using the protocols described herein may be able to use key exchange techniques as known in the art and thus establish encrypted communication without relying on a CA vendor. For example, the attestor may provide an identity to a site, and then a user would be able to use the exact same mechanism to identify the site as valid, in the same way the CA certificates are trusted now.

In another aspect, any of the attestation protocol, validation protocol, or verification protocol described herein may be used in conjunction with established centralized or distributed ledger features of cryptocurrency and blockchain to record attestation transactions. Two parties wishing to exchange a good or service or title might ordinarily wish to record such a transfer in a centralized or distributed ledger, but the parties lack certainty or assurance that the other party are who they say they are, or that the other party actual owns the good or can offer the service or possesses the title. A user may use the protocols described herein to provide attested proof of their identity and to further provide attested proof of ownership or control, thereby satisfying all the conditions required for the exchange to proceed.

In another aspect, users may create accounts with an attestor and create attestation transactions in person. A kiosk or station, similar to an automatic teller machine, may be situated in a bank or supermarket or other retail location. This kiosk may serve the function of an attestor, a verifier, a validator, or may implement all of these functions. users desiring to create an account with an attestor and create attestation transactions with their information may use the kiosk, which would allow the user to participate in attestation protocols or validation protocols by entering contact information and/or by presenting other verifying information or identity-proving documentation. The attestor kiosk or station may be equipped with a front-facing camera so that the user may be photographed in order to use facial recognition techniques as part of the validation protocol. The camera may be used in order to establish a real-time video conference between the user and an attestor or validator located remotely from the kiosk. For example, a remote validator performing the validation protocol may use, for example, a set of credit bureau challenge/response queries, based on the user's social security number or any other national or regional identification number, in the execution of the validation protocol to authenticate the user. As part of the validation protocol, the user may type in or speak the responses to the challenge/response queries. The user may hold up identity documents to the camera. The user may also be required to insert identity documents into specialized readers that can read documents such as passports, driver's licenses, or other identity documents. The attestor kiosk or station may use a combination of automated fraud detection and remote user intervention or interaction. The attestor kiosk or station may employ a remote attestor or validator without highlighting that fact to the user seeking authentication, for example in order to supervise the activity of the user presenting identity documentation.

Upon successful completion of the validation protocol for the user, the attestor kiosk or station may trigger the creation of a one or more attestation transactions that attest to the validity of the user's information that could be positively authenticated. Specific information about the newly created attestation transactions may be sent to the user using any of the user's communication channels, or may be presented to the user on the screen of the kiosk. The attestor kiosk or station may present a QR code or other motion code to the user, prompting the user to download an attestor's application on the user's mobile device. The user may then use the attestor application on their mobile phone or device to scan additional QR or motion codes in order to receive any generated public keys, private keys, or public or private attest keys related to the one or more attestation transactions of their information.

In one embodiment, the attestor kiosk or station may cause the user to install the attestor's application before attestation protocol and validation protocol is initiated, such that, for example, any private keys required for the attestation transaction are generated and stored only on user's mobile device and not in the kiosk. The attestor kiosk or station, or the attestor application may cause the user to install a digital wallet application on the user's mobile phone or device. The public keys, private keys, or attest keys may be stored in the user's digital wallet. If the user has more than one digital wallet application, the user may be prompted to choose the digital wallet in which they want to store the keys, the aforementioned functions may instead be implemented by an in-person teller instead of a kiosk. This in-person teller may act as a validator and/or an attestor.

Examples of notification systems will now be discussed. In the context of the devices, systems, and methods described herein, an attestor may have an attestation site or application which may provide an attestation API to allow authenticated users (users for which an attestation transaction on a centralized or distributed ledger exists) to be communicated to by other sites which have a need to collect or verify specific information about that user. The attestation API may provide access to the attestation site or application or a different site or web service that enables merchants or banks or other users to offer extra security or other services when performing transactions with authenticated users. When a user attempts a transaction with a merchant or bank or other user, for example applying for credit, the user may provide to the merchant, bank or other user their attestation site or attestor information in lieu or providing the personal information, for example their ordinary contact information, their address, their birthdate or their social security number. The attestor application on the user's mobile device may provide the attestation site or attestor information to the merchant, bank or other user in lieu of the user providing this directly.

Alternatively, the user may provide their attestation site information in conjunction with other ordinary information. As the merchant or bank or other user is attempting to run the credit check for the user, it may use the attestation API to convey to the attestor the attempt to access or use the user's information. The attestation API may also allow the merchant or bank or other user to communicate, directly or through the attestor or the attestor application, to the user that someone is trying to access or use their user information and the purpose that the user information was provided for. In this example, the user is informed that their SSN is being accessed or used for the purpose of opening new credit. The attestor or the attestor's application or the merchant, bank, or other user or an application of the merchant, bank, or other user, may provide a prompt for the user to allow or deny the transaction through an application, voice message, text message, or any other communication channel. The use of the attestation API may provide merchants and banks and other users a reduction in the amount of fraud and may provide a higher sense of security for users about their information.

In an aspect, an attestation site or application may provide an API to allow any of its authenticated users to be communicated to by other sites which have information about that user but lack a direct means of contacting the user because they don't know any of the user's communication channels. An attestation site or application may provide this API for a fee. An attestation site or application may control the frequency or volume or types of communication to be sent to users according to user preferences or attestation site policies. An attestation site or application may prevent user communication channel information such as means of contacting the user from being revealed in this API.

Because of the chance of unsolicited information being transmitted to authenticated users of the attestation site from other sites, the attestation site may perform spam filtering and unsolicited communication filtering on an aggregate basis to incoming communication. The attestation site may also require the other site to provide enough information relating to the user they are trying to communicate with in order to establish that there was a pre-existing business relationship between the other site and the user. Additional authentication steps may be performed on the other site, similarly to how they are performed on users, in order to authenticate the site attempting communication. The notification approach described herein may provide a novel way for users who have registered with the attestor to receive critical communications from parties who lack correct or updated communication channel information for a user, but who may have a legitimate need to communicate with the user.

FIG. 1 is a diagram illustrating a system 100 for use in providing authentication of information, such as personal identification information of a user. As shown in FIG. 1, the system 100 may interconnect a plurality of participants (e.g., devices, systems, components, resources, facilities, and so on) in a communicating relationship via one or more communication networks 190. The participants may, for example, include a User Computing Device or User 110, an Attestor Site or Device or Attestor 120, an Identity Validation site or Device or Validator 130, and a Verifier Site or Device or Verifier 160. Verifier 160 may be a merchant, a bank, or other entity in need of verification of user identities. Other entities in the system 100 include a Digital Wallet Provider Site or Device or Digital Wallet Provider 140, as well as a Third Party Cosigner Computing Device or Third Party Cosigner 112.

Some or all of the participants may have access to a Centralized or Distributed Ledger 150. Centralized or Distributed Ledger 150 is an electronic ledger which contains a list of verified transactions of digital cryptocurrency. In Bitcoin, Centralized or Distributed Ledger 150 is a distributed ledger which is referred to as a blockchain. Although transactions are communicated over the Bitcoin network for entry into the blockchain, participants referred to as “miners” may ultimately be the entities that perform transaction verification and blockchain entry.

The system 100 may include one or more additional or alternative attestors 120, which may be private or public entities. An additional or alternative attestor may be a provider of actual sources of identification for users. For example, an additional or alternative attestor may be or include a site or device of a government entity designated to issue sources of user identification (e.g. a government office which issues passports, a Department of Motor Vehicles or DMV which issues driver's licenses, etc.). The system 100 having one or more communication networks 190 may utilize any data network(s) or internetwork(s) suitable for communicating data and control information among participants in the system 100. This may include public networks such as the Internet, private networks, and telecommunications networks such as the public Switched Telephone Network or cellular networks using second generation cellular technology (e.g. 2G, GSM, or EDGE), third generation cellular technology (e.g., 3G or IMT-2000, UMTS, or WCDMA), fourth generation cellular technology (e.g., 4G, LTE, LTE-Advanced, E-UTRA, etc. or WiMAX-Advanced (IEEE 802.16m), 5G cellular technology, peer-to-peer and personal area network technologies such as Bluetooth, Bluetooth LE, Wi-Fi Direct, LTE Direct, NFC, and/or other technologies, as well as any of a variety of corporate area, metropolitan area, campus or other local area networks or enterprise networks, along with any switches, routers, hubs, gateways, and the like that might be used to carry data among participants in the system 100. The network may also be a high bandwidth, high-latency network such as ‘sneakernet’, where information on a mass storage device is hand-delivered or delivered via a mailing service such as DHL®, a national postal service, FedEx®, UPS®, or the like. The network may also utilize a visual data channel, such as barcodes, 2D barcodes, quick response (QR) codes, motion QR codes, or any form of animated visual information that can be captured by a visual capture device in a computer or portable device. The network may also utilize an audio channel to deliver information encoded in watermarked or fingerprinted audio such as those provided by Shazam® or the like. System 100 may also work in with an intermittent network connection or in a disconnected, offline mode. The network utilized may also include a combination of data networks, and need not be limited to a strictly public or private network. The devices, systems, and methods may further communicate using the “Bitcoin” network, which includes a plurality of nodes operating in accordance with a peer-to-peer (P2P) bitcoin protocol over the Internet.

The participants in the system 100 may each include network interfaces or the like for communication over the network. The network interfaces of the participants may allow for real time data synchronization between any of the participants, either on a shared network basis or on a peer-to-peer basis directly between the participants.

Part or all of the centralized or distributed ledger 150 may be downloaded or cached by any of the participants in the system 100 for offline use. Any of the parties may download the centralized or distributed ledger 150 on a periodic basis when they are connected online. The centralized or distributed ledger 150 may be delivered on a periodic or one-time basis to participants via postal mail, delivery service, or private delivery channels operated by the participant. In an embodiment, the Bitcoin blockchain may be used as the distributed ledger 150. In another aspect, a different distributed, centralized or decentralized ledger 150 may be used instead of the Bitcoin blockchain. The centralized or distributed ledger 150 may be accessed from a cached offline store. A relevant subset of the centralized or distributed ledger 150 may be provided by an attestor 120.

FIG. 2 is a flow diagram 200 illustrating various protocols which may be used for providing authentication of information, for example personal identification information or “PII” in the system of FIG. 1, the various protocols including an attestation protocol 202, a validation protocol 204, a signing protocol 206, a verification protocol 210, and a revocation protocol 212.

Initially, cryptography is utilized to create a key pair for the user 110. The creation of a key pair includes the creation of a user private key and a public key. The key pair may be created using elliptic curve cryptography, such as described in Guide to Elliptic Curve Cryptography (Springer Professional Computing) ISBN-13: 978-0387952734, which is hereby incorporated by reference herein in its entirety.

The user 110 may provide the user's Pubic key to the attestor 120. In an aspect, the user 110 may also provide the public key of a third party cosigner to the transaction. The third party cosigner may be a digital wallet provider (e.g. digital wallet provider 140 of FIG. 1), for example, a bitcoin wallet provider, or any other entity that can provide a public key for the transaction. There may be multiple third party cosigners (e.g. third party cosigner 112 of FIG. 1), bringing the total number of keys to N. In one embodiment, the collection of public keys is later used to create the attestation address using a multisig transaction. In this case, the attestation transaction may only be revoked (i.e. the funds at this attestation address may only be spent) with a multisig transaction where M of N keys are provided. In this way, it is not possible for a single party to revoke the attestation. As shown in FIG. 2, the attestor 120 may receive information from the user 110, in a request to perform attestation using an attestation protocol 202. The information from the user 110 may be Personal Identification information or “PII” that may uniquely identify the user 110. In general, the attestation protocol 202 causes the information (e.g. the PII) from the user 110 to be validated and attested to with use of signing protocol 206.

Upon receipt of the information, the attestor 120 will initially attempt to confirm the authenticity of the information using a validation protocol 204. This validation protocol 204 may be performed by a validator (e.g. validator 130 of FIG. 1). The validator may be the same entity as the attestor 120 or it may be a separate entity, such as a third party Identification Service Provider. The validation protocol 204 may include any suitable validation steps to validate the identity of the user 110. The validation protocol 204 may include conventional validation steps using any contact information or communication channels provided by the user 110. These steps may include communications such as texting, e-mailing, calling, or messaging the user 110 with the provided contact information. The validator may send messages out on any communication channel provided by the user 110 or known to belong to the user 110. The validator may send a physical postcard or mail to a physical address provided by user 110, and require the user 110 to enter a code provided on the physical postcard or mail on an attestor's site or application in order to continue with or complete the validation protocol 204. The validator may require the user 110 to prove they own or control something by providing verifiable title, or that they know a password. The validator, as part of the validation protocol 204, may provide information to the user 110 on one communication channel of the user 110, and require that the user entered the same information on another communication channel by the user 110 to verify legitimacy of the user's 110 identity.

The validation protocol 204 may determine that the information and/or identity of the user 110 is not authentic, and may indicate and/or communicate this failure (“FAIL”). The attestor 120 may indicate this failure to the user 110. On the other hand, the validation protocol 204 may determine that the user 110 and the user information is authentic, and may indicate and/or communicate this authenticity (“PASS”).

When the information passes as authentic, the attestor 120 continues to perform the attestation protocol 202 which includes a signing protocol 206. In one embodiment, attestation and signing protocols 202 and 206 provide for the user 110 a digitally-signed attestation transaction, spending an amount of cryptocurrency (e.g. dust) to a digital wallet controlled by a secret sharing cryptographic algorithm using M of N keys. This signed attestation transaction is communicated to the network by the attestor 120, for storage in the centralized or distributed ledger 150. The signed attestation transaction may include the user's public attest key, and is stored at an attestation address. Note that, although transactions are communicated over the Bitcoin network for entry into the blockchain, participants referred to as “miners” may ultimately be the entities that perform transaction verification and entry into the blockchain.

A description of techniques and protocols for creating transactions with use of Bitcoin cryptocurrency may be found in the book by Antonopoulos, Andreas M. Mastering Bitcoin: Unlocking Digital Cryptocurrencies, O'Reilly Media, 2014, ISBN 978-1449374044, which is here incorporated by reference in its entirety. The attestation address of the attestation transaction may be computed using a Pay to Script Hash (P2SH) bitcoin protocol. The attestation address of the attestation transaction may be a P2SH multisig address. The attestation transaction's outputs may be spent by a combination comprising attestor or validator's public key, one or more third party cosigner(s) public keys, and a user's public key. Note that the attestation protocol 202 together with the signing protocol 206 is described again later in relation to the flowchart of FIG. 3.

Continuing with reference to the flow diagram 200 of FIG. 2, after attestation by the attestor 120, the user information may be verified by a verifier 160 with use of a verification protocol 210. The verifier 160 may be a merchant, bank, or other entity. The verification protocol 210 may receive and utilize the user's public key, the third party cosigner(s) public key(s), the user information that was used to create the attestation address, and the attestation transaction signed by the attestor 120. The verification protocol 210 derives the user's public key using the same or similar approach taken earlier above. The verification protocol 210 checks that the attestation address of the attestation transaction is controlled by the user 110, any third party cosigners, and the attestor 120. The attestation address may map to an M of N digital wallet to implement the multisig signing protocol. The verification protocol 210 verifies that the attestation transaction is still valid and has not been revoked, checking that the attestation transaction is still in the centralized or distributed ledger 150. A successful verification indicates that the authenticated user information is still valid.

Further, the verification protocol 210 may send a challenge cryptographic nonce to the user 110 to be signed using the signing protocol and the user's private key. This cryptographic nonce may be generated by a cryptographic nonce generation algorithm as known in the art. The cryptographic nonce may be generated with, or may include, a timestamp. The cryptographic nonce may be generated through repeated hashing of a random or pseudo-random value. This challenge cryptographic nonce may be generated through software or using a dedicated hardware circuit or chip that supports encryption. The cryptographic nonce challenge may be generated by a mobile application, by a digital wallet, or by an attestation application. In response to receipt of the challenge cryptographic nonce, the user 110 signs the cryptographic nonce using a signing protocol and the user's private key. This confirms that the user 110 still has current control over that particular private/public key pair. Note that the verification protocol 210 is described again later in relation to the flowchart of FIG. 4.

Continuing with reference to the flow diagram 200 of FIG. 2, the user 110 or attestor 120 may revoke an attestation made in the past with use of a revocation protocol 212. The revocation protocol 212 may utilize a third party digital wallet provider or other third party cosigner, or it may be performed solely by the user 110 or attestor 120, or by the user 110 and the attestor 120. The revocation protocol 212 may be performed using a mobile application or a web-based client or cloud service, as examples. A participant may be allowed to revoke an attestation they have made in the past by signing a new transaction, spending the dust corresponding to the original attestation. To spend this dust, the participant may need to provide a subset of the third party cosigners of the original attestation, namely a user's private attestation key and one or more of the third party cosigner's keys. The attestor 120 may be allowed to revoke an attestation by signing a transaction, spending the dust of an attestation using the attestor's private key. Note that the revocation protocol 212 is described again later in relation to the flowchart of FIG. 5. In the attestation protocol 202, the centralized or distributed ledger may receive a signed attestation transaction to the multisig attestation address, calculated by an attestor or a third party cosigner. Note that the centralized or distributed ledger may receive this transaction from a third party digital wallet provider different from the attestor or the third party cosigner. For the convenience of the user, either attestor or the third party cosigner or both or a third party digital wallet provider or another third party may store user's attest key or K key, protected by a passphrase, on behalf of the user.

In some embodiments, the hashed information is used as an offset combined with the public key generated for the information, compliant with the Bitcoin BIP32 standard.

The attestor or third party cosigner may use an existing distributed ledger, such as the Bitcoin blockchain, and in doing so, leverage the existing transaction protocols defined for this distributed ledger as known in the art. The protocols defined herein may be realized using “Colored Coins” on the Bitcoin blockchain, for example.

FIG. 3 is a flowchart 300 for describing a method of the attestation protocol 202 which may be performed by an attestor.

Beginning at a start block 302 of FIG. 3, the attestor receives information and a public key which may be generated from the information (step 304 of FIG. 3). The information may be, for example, personal identification information (“PII”) belonging to a user. The public key is generated for the information, and may be a user's public key. Upon verification of this information, a first hash function is applied to the information to create a hash (step 306 of FIG. 3). The hash of the information and the public key are combined to generate a public attest key (step 308 of FIG. 3). In some embodiments, elliptic curve addition is used to combine the hash of the information with the public key generated for the information. An attestation address is generated based on the public attest key (step 310 of FIG. 3). A signed transaction which includes the user's public attestation key is generated and communicated for storage in a centralized or distributed ledger at the attestation address (step 312 of FIG. 3). In some embodiments, the transaction communicated, e.g., to the centralized or distributed ledger, includes a data file in the form of a data block that includes at least the public attest key and the attestation address generated by the techniques described herein. The flowchart ends at an end block 314 of FIG. 3. The signed transaction in the ledger may be checked by a verifier for verification purposes using a verification protocol. The signed transaction in the ledger may be revoked by the user or attestor using a revocation protocol. The key pairs may be created using elliptic curve cryptography. Each participant's public key may be generated by multiplying an elliptic curve generator point G, by the participant's private keys. Each of the participants may know each other's public keys. The information may be hashed with a cryptographic hash function, for example, SHA256, RIPEMD160, or both.

FIG. 4 is a flowchart 400 for describing a method of the verification protocol 210 of the verifier. Beginning at a start block 402 of FIG. 4, the verifier sends a dataRequest to the user. The dataRequest includes a challenge cryptographic nonce. The data requested from the user includes the information, and all the keychains used to sign the attestation transaction. In the case of a multisig attestation, the user sends all the keychains used to derive the multisig attestation address (step 404 of FIG. 4). The user signs the dataRequest using the user's private key, and returns the requested information along with all the keychains used to derive the attestation address (step 406 of FIG. 4). The information may be a user's information and the public key may be a user's public key. The public attest key is derived by the verifier based on the information, the public key, and the signed transaction (step 408 of FIG. 4). The procedure described in steps 404-408 will confirm that the user maintains control over the key. The flowchart ends at an end block 412 of FIG. 4. Thus, the information has been verified.

In the verification protocol 210 illustrated by flowchart 400 in FIG. 4, the user may be in communication with a third party (a verifier) that wishes to satisfy themselves that the user is who they say they are, that the user's information is authentic, that the user does own or control a certain asset, or the like. The user may wish to provide information to the third party and have that information verified. The user may send to the verifier their information along with one or more public keys, including those of the user, an attestor, a third party cosigner, a digital wallet provider, etc. The user may send the information that is being attested to.

As part of the verification protocol 210, the verifier may check that the attestation address of the attestation transaction is valid, verifying the existence of the attestation transaction at an attestation address in the centralized or distributed ledger. The verification protocol 210 may verify that the attestation transaction at the attestation address is signed by an attestor. The verification protocol 210 may verify that the public attest key can be derived from the user's public key added to the product of user's public keys that may be generated by multiplying G, an elliptic curve generator point, by a cryptographic hash of the user information. The verification protocol 210 may verify that the attestation address for the attestation transaction can be derived using the Pay to Script Hash (P2SH) with a public attest key, the attestor's public key, and the third party cosigner(s) public keys.

FIG. 5 is a flowchart 500 for describing a method of the revocation protocol 212. Prior to describing the steps of the revocation protocol 212 of FIG. 5, it is noted that an attestation transaction authenticating information has already been generated and stored in the centralized or distributed ledger. Beginning at a start block 502 of FIG. 5, a new signed transaction is generated to spend the cryptocurrency and revoke the previous attestation transaction associated with the information (step 504 of FIG. 5). The new, signed transaction is communicated over the network to the centralized or distributed ledger (step 506 of FIG. 5). The flowchart 500 of FIG. 5 ends at a finish block 508.

Thus, in the revocation protocol 212, an attestation transaction authenticating user information may be revoked by spending the cryptocurrency and thus invalidating the transaction that was created to represent the earlier attestation. In one embodiment, M of N keys in the attestation address are needed to sign the spending transaction in order to revoke the attestation. For example, 2-of-3 of the original parties' public and private keys may be required to revoke an original attestation transaction. The revoking transaction may be entered into the centralized or distributed ledger by the attestor, by the user, by the third party cosigner, or by a fourth party who is not part of the m-of-n group.

FIG. 6 is a flowchart 600 for describing a method for creating a user account for a user with an attestor for attestation purposes.

A user is directed to an attestor's website or app (step 602 of FIG. 6). The attestor site prompts the user to apply for new account and to provide information (e.g. PII) (step 603 of FIG. 6). The attestor site receives from the user an indication to create the new account and receives from the user the information (e.g. PII) to be attested, as well as any supporting documents and/or other evidence that helps verify the information (step 604 of FIG. 6). The received information may include full name, home address, Social Security Number (SSN), and date of birth (DOB), along with documentation including a SSN card, a birth certificate, and a driver's license.

A validator, which may be a third party, the attestor, or both, may validate the information using a validation protocol (step 605 of FIG. 6). Here, for example, the validator may produce knowledge-based questions for the attestor to present to the user (step 606 of FIG. 6). In response, the user may submit answers which are received by the attestor (step 607 of FIG. 6). The attestor and/or the validator may calculate a degree of risk for the user based in part on how correctly the user answered the knowledge-based questions (step 608 of FIG. 6). Conditionally, if the user's risk profile is too high, the attestor may refuse to create or validate the user account (step 609 of FIG. 6).

On the other hand, when the information is determined to be valid, the attestor proceeds to create the user account and perform steps for attestation. This causes a cryptographic asymmetric key pair (public key and private key) to be created for the user (step 610 of FIG. 6). This key pair may be created by the attestor, the digital wallet provider, or other device. With a private key, the user is able to perform a signing protocol to sign attestation transactions.

The attestor may also create or cause to be created a digital wallet for the user (step 611 of FIG. 6). Both an attestor and a third party cosigner may sign the root key of the user, and may place the key in the previously-created digital wallet. Either the attestor or the third party cosigner may store the root key (steps 612 and 613 of FIG. 6). The attestor performs or causes to be performed an attestation protocol, a validation protocol, and a signing protocol, for creating a signed transaction which is communicated over the network (e.g. the Bitcoin network) for storage in the centralized or distributed ledger (step 614 of FIG. 6).

FIG. 7 is a flowchart 700 for describing a method of purchasing goods online from a merchant website. Beginning at a start block 702 of FIG. 7, the merchant's website, or a merchant application running on the mobile device of the user, may display a presentation having a login or entry screen corresponding to the merchant's web site. In the presentation, the user may click on a button, menu item, or other indicator, to login, enter, or start processing associated with the online site. The merchant receives the user login or an indication from the user to start processing without logging in, for instance if the user enters the merchant's site as a guest (step 710 of FIG. 7).

The selection of one or more goods for purchase by the user is received by the merchant (step 720 of FIG. 7), and then the method proceeds to the checkout process. The merchant's website may require user information in order to complete the purchase transaction. For example, the merchant's website may require credit card or payment information or shipping information of the user. The merchant prompts the user to share necessary information with the merchant's website (step 730 of FIG. 7). Note that the information has already been attested to by the attestor and may include, for example, user payment information or user shipment information. In step 740 of FIG. 7, the merchant website receives the user information necessary in order to complete the purchase.

The merchant website may then verify the information using the verification protocol described earlier above (step 750 of FIG. 7). The merchant may now have a high degree of confidence that the information provided by the user is valid. The merchant may proceed to complete the purchase transaction (step 760 of FIG. 7), without necessarily having to re-verify the information through additional fraud detection and prevention steps. The method ends at step 770 of FIG. 7.

FIG. 8 is a flowchart 800 for describing a method of a verification protocol, enabling the purchasing of goods online from a merchant website, without the need for a login procedure. Beginning at a start block 802 of FIG. 8, the merchant's website, or a merchant application running on the mobile device of the user, may display a presentation having a login or entry screen corresponding to the merchant's web site. In the presentation, the user may click on a button, menu item, or other indicator, to login, enter, or start processing associated with the online site. The merchant receives the user login or an indication from the user to start processing without logging in, for instance if the user enters the merchant's site as a guest (step 810 of FIG. 8).

The selection of one or more goods for purchase by the user is received by the merchant (step 820 of FIG. 8), and then the method proceeds to the checkout process. The merchant's website may require user information in order to complete the purchase transaction. For example, the merchant's website may require credit card or payment information or shipping information of the user. The merchant prompts the user to share necessary information with the merchant's website (step 830 of FIG. 8). Note that the information has already been attested to by the attestor and may include, for example, user payment information or user shipment information.

When the merchant prompts the user to share necessary information with the merchant's website, the attestor application on the user's mobile device, or an attestor site, prompts the user for confirmation that they agree to sending the requested information to the merchant. In response to a confirmation by the user, the attestor application communicates the attested user information necessary to complete the purchase to the merchant website, which is received by the merchant website (step 840 of FIG. 8). The communication of this information to the merchant website may occur through various communication channels, such as the attestor application on the user's mobile device scanning a QR code, 2D bar code or moving image conveying data displayed on the merchant's ecommerce site, and then using this data to route the appropriate user information from the user' smartphone or mobile device to the merchant's ecommerce website.

In one embodiment, once the merchant receives the attested information directly from the attestor, the merchant is able to complete the purchase transaction. In another embodiment, the merchant may then verify the information using the verification protocol described earlier above (step 850 of FIG. 8). The merchant may now have a high degree of confidence that the information provided by the user is valid. The merchant may proceed to complete the purchase transaction (step 860 of FIG. 8), without necessarily having to re-verify the information through additional fraud detection and prevention steps. The method ends at step 870 of FIG. 8.

FIG. 9 is a flowchart 900 for describing a method of verifying identity offline (e.g. without an active Internet data connection) using an attestation application running on a user's mobile device. The user opens an attestation application on a mobile device and is displayed a presentation for selecting different items of attested information (step 910 of FIG. 9). Here, the user may indeed select what attested information to share, or select a pre-configured template of information. The application receives the user selection of attested information (step 920 of FIG. 9), such as a set of payment information, the proper license or permit for an activity, a ticket for an event, or a passport for a border stop.

Upon selection of information, the attestation application presents a visual code (e.g. a barcode or a motion QR) on the user's mobile device (step 930 of FIG. 9). The visual code represents the selected attested information. The user may show this presentation to the verifier, who may be a merchant, a border agent, a metro turnstile, or other person. The verifier proceeds to scan the visual code, with use of a scanner or a camera on a mobile device, as examples, and the attestation transfers the attested information by way of the visual code (step 940 of FIG. 9). Alternately, user's mobile device running the attestation application may use one of many other techniques of peer-to-peer (P2P) communication including, but not limited to, local Wi-Fi, Bluetooth, Bluetooth LE, near field communications (NFC), infrared, RFID, ambient audio, supersonic audio, or the like. Upon receipt of the attested information, the device of the verifier performs a verification protocol, consulting its own cached copy or subset of the centralized or distributed ledger database that may contain the user's attestation transactions. The attested information is verified if the attestation transaction is in the ledger. The device of verifier may complete the verification protocol by sending a challenge to the user in the form of a cryptographic nonce message using the procedure described earlier above.

FIG. 10 is a flowchart 1000 for describing a method for use in logging into a website or online site or service using an attestation application on a mobile phone or device (e.g. a smartphone). At first, the user is presented with a login or entry screen of the online site. The user may click on a button, menu item, or other indicator, to login, enter, or start processing associated with the online site (step 1010 of FIG. 10). The online site provides a presentation of a visual code (e.g. a barcode or a motion QR) to the user (step 1020 of FIG. 10). The user proceeds to scan the visual code using the attestation application (e.g. with use of the camera on the mobile device) (step 1030 of FIG. 10). The act of scanning the visual code causes a direct connection to be established between the mobile device and the online site.

The online site provides a presentation and procedure to allow the user to communicate information that has already been attested to by the attestor. The user passes this identifying information attested to in its attestation application to login (step 1040 of FIG. 10). This identifying information may include, for example, an email address and/or any other information item. The online site then proceeds to verify the user's identifying information using the protocols discussed earlier above (step 1050 of FIG. 10). If the user's identifying information is verified, the user is successfully logged into the online site based on the authenticated information provided by the attestation application (step 1060 of FIG. 10), Normal session management techniques on the online site are thereafter performed.

FIG. 11 is a flowchart 1100 for describing a method for signing up or enrolling to create a user account on an online site or service using an attestation application on a mobile phone or device (e.g. a smartphone). At first, the user is presented with a login or entry screen for the online site. The user may click on a button (e.g. login button), menu item, or the like, to login or enter the online site (step 1110 of FIG. 11). The online site provides a presentation of a visual code (e.g. a barcode or a motion QR) to the user (step 1120 of FIG. 11). The user proceeds to scan the visual code using the attestation application (e.g. with use of the camera on the mobile device) (step 1130 of FIG. 11). The act of scanning the visual code causes a direct connection to be established between the mobile device and the online site.

Next, the user is provided with a presentation which asks the user to share certain information in order to create an account (step 1140 of FIG. 11). Some of the information requested may be required in order for the user to open an account, and some of the information requested may be optional. The user may select which optional information they want to provide as part of the account creation (step 1150 of FIG. 11). The user may the send the required information and the selected optional information to the online site using the attestation application. Here, the user's attested information along with the user's agreement may be sent to the online site from the attestation application of the user's mobile device (step 1160 of FIG. 11). The online site may trust the attested information provided through the attestation application. On the other hand, the online site may decide to perform an additional verification using the verification protocol, previously described earlier above. Once the online site is confident in the authenticity of the user's information, the online site follows their normal process of creating a new user account based on the attested (and potentially Verified) information (step 1180 of FIG. 11).

FIG. 12 is a flowchart 1200 for describing a method of validating personal identification information during account creation, or adding new or updated personal identification information to be validated and authenticated, by an attestor 1240. The method begins where the attestor site and/or the app of the user 1230 provides a login or entry screen for the user 1230, and the user 1230 proceeds to log on to the attestor 1240 (step 1210 of FIG. 12). The user 130 starts a process to get an account with the attestor 1240, and provides information to the attestor 1240 (step 1211 of FIG. 2). The information may include the user's social security number, date of birth, name, physical address, phone numbers, and the like. The attestor 1240 may check the user's information against an internal blacklist in order to determine whether or not to proceed with the creation of an account and the subsequent attestation of that user information (step 1213 of FIG. 12).

If the attestor 1240 determines to proceed, the attestor may perform an attestation protocol and a validation protocol on the user information. These protocols were described earlier above, for example, in relation to FIGS. 2-3. In one embodiment, the attestor 1240 may utilize one or more validators 1250 to perform some or all of the validation protocol, and may send the user information to the validator 1250 (step 1214 of FIG. 12). The attestor 1240 may perform other validation processes and check other records to see whether this account creation should continue. The one validators 1250 may check the validity of the data against internal and external records according to a validation protocol (step 1215 of FIG. 12) as previously described. The validation protocol may involve checking if the data provided by the user 1230 matches credit records (step 1212 of FIG. 2). The validation protocol may involve reviewing information available on social networks to analyze the likelihood that the user 1230 is a real person.

The one or more validators 1250 may utilize a statistical risk determination model to determine whether more information is needed to make a validity decision (step 1216 of FIG. 12). If yes, the one or more validators 1250 may generate further user information requirements such as a set of questions for the user 1230 to answer (step 1217 of FIG. 12). The questions may be questions such as where the user lived ten years ago, which companies the user has loans with, or other questions based on information that only that user should know readily. The one or more validators 1250 sends these additional user information requirements to the attestor 1240. The attestor 1240 makes a request for the additional user information requirements to the user 1230 (step 1218 of FIG. 12). In response, the user 1230 provides the answers to the additional information request to the attestor 1240 (step 1218 of FIG. 12). The attestor 1240 receives the additional user information, and in turn passes it to the one or more validators 1250 (step 1218 of FIG. 12).

If the one or more validators 1250 determines that no more information is needed to validate the user 1230, the one or more validators may send a statistical score which represents the likelihood of the user 1230 being authentic to the attestor 1240 (step 1219 of FIG. 12). The attestor 1240 may create a user account marked as temporary (step 1220 of FIG. 12), and may set a timer associated with the user account. The timer is set so that, if further validation steps are not completed within the time limit, the user account will be suspended, held, or deleted.

Even further validation steps may be taken for further assurance. The attestor 1240 may send a website link or URL to the user's email address in order to validate the user's email address (step 1221 of FIG. 12). The user 1230 may be required to go to or click on the link sent in the email from the attestor 1240, which will direct the user's browser to a web page of the attestor site for the user 1230 to enter further authenticating information to activate their account. In another aspect, the attestor 1240 may require the user 1230 to validate a provided phone number, by calling or texting the user 1230 at that phone number and collecting a response. In another aspect, the attestor 1240 could use a third party multi-factor authentication service such as AUTHY.COM or the like. In another aspect, the attestor 1240 could use one of various 2-factor or multi-factor authentication methods as known in the art. At step 1222 the attestor 1240 may send a postcard through a national mail service or other delivery service to the user 1230 at the residential or other address provided to the site. Upon receipt, the user 1230 may enter the code on this postcard into a form on the attestor application or website (step 1223 of FIG. 12) to validate that the user 1230 who created the account is also in control of the physical mail at that address. The attestor 1240 may mark the account created at step 1220 as permanently active (step 1224 of FIG. 12).

FIG. 13 is a flowchart 1300 for describing a method of notification messaging pertaining to the use of personal identification information of a user.

In the method of FIG. 13, an individual 1310, who may be legitimately the user 1305 or who may be fraudulent, attempts to perform a transaction or receive a service from an organization 1320 or a merchant by providing his or her user information. For example, the individual 1310 may seek to open a new credit account at a bank or merchant. The information provided by the individual 1310 may be personal identification information, such as a social security number, a phone number, an address, a name, or a combination thereof as previously described. The organization 1320 may be a client of the attestor 1330.

In response, the organization 1320 may send a message to the attestor 1330 to indicate that the user 1310 has attempted to make a transaction (step 1302 of FIG. 13). The organization 1320 may submit a request to the attestor 1330 with the information provided by the individual 1310 (step 1303 of FIG. 13). Here, the organization 1320 may indicate the particular type of request the individual 1310 is making, and may provide a remediation phone number in the request to the attestor 1330. The attestor 1330 may look up the user's information and compare it to records in an existing database of authenticated and registered users. The attestor 1330 may require a minimum amount of user information to uniquely identify a user, or may require at least some subset of user information such as the user's name, date of birth and address in combination. Alternatively, the attestor 1330 may only require a single piece of user information, such as a social security number, as a non-limiting example.

The attestor 1330 may positively identify an existing authenticated and registered user that holds a valid account at the attestor (a registered user) using the received user information (step 1305 of FIG. 13). The attestor 1330 may check any communication preference of the user identified in the user's profile (step 1306 of FIG. 13). For example, the user's communication preference may be any one of SMS or texting, email, push messaging to a specific smartphone or mobile device application, or other user-provided channel. The attestor 1330 may send a notification to the user 1305 using the preferred communication channel identified (step 1307 of FIG. 13). Thus, the user 1305 identified by the user information may be informed, via one or more of the selected communication channels, that an attempt to access a service at an organization 1320 (as in step 1301) or use personal information has occurred.

In an aspect, the user 1305 may be prompted or asked to authorize the access to the service, and may be able to allow or deny the access to the service based on a query presented at the user's device. In another aspect, the user 1305 may be able to allow or deny the access to the service by responding to a text message or a voice call. Where the user 1305 is queried about the service on more than one communication channel, the user 1305 may be required to authorize the transaction on one, more than one, or all of the communication channels. If the individual 1310 performing the transaction is the same as the user 1305, then the user 1305 may authorize the access to the service. If the individual 1310 performing the transaction is a fraudster and is not the user 1305, and has not compromised all of the communication channels of the user 1305, then the individual's action is unauthorized and the transaction is halted.

FIG. 14 shows an application screen for a user to provide information to a validator. A user interface screen on the user's mobile device may simulate an identification card 1400. The identification card 1400 may present Personal Identification information, which may include a photograph of the user, their age, their employer, their home address, their sex, height, eye color, weight, phone number, messaging address, email address, social media address/username/handle, etc. It may also show their digital crypto-currency recipient address 1430. The identification card 1400 may include a series of checkboxes 1410 (e.g., on the bottom left of the figure) showing what sources of information are authenticated by the attestor. In this example, the identification card shows that the authenticated user information is the users driver's license, employer, and biometrics. The address may not be attested to as the section next to address is unchecked, and lock icons 1420 may indicate a level of security of the card.

In order to communicate to a verifier, the identification card 1400 may present an animated image 1440 that conveys information to a verifier application or an attestor application running on another smartphone or using a camera attached to a computer. The identification card 1400 may be placed so that the moving image 1440 can be viewed by the receiving application. The data transfer may be used to send authenticated information as described in FIG. 2-FIG. 5 and herein.

The user may also use the identification card 1400 to log into a site such as a website. In this case, the site may display a moving graphic as in 1440 but in this case the attestor application may use a smartphone camera to record and interpret the information being transmitted from the site. An application for the identification card 1400 may then transmit appropriate attested credentials to the site as described herein.

While the foregoing describes a particular set of techniques for attesting and validating information, it will be understood that information attestation has wider applicability, and may be usefully employed to augment, civic transactions, financial transactions identity verification, political transactions, contracts, treaties, digital signatures, and a wide range of other useful processes.

The above systems, devices, methods, processes, and the like may be realized in hardware, software, or any combination of these suitable for a particular application. The hardware may include a general-purpose computer and/or dedicated computing device. This includes realization in one or more microprocessors, microcontrollers, embedded microcontrollers, programmable digital signal processors or other programmable devices or processing circuitry, along with internal and/or external memory. This may also, or instead, include one or more application specific integrated circuits, programmable gate arrays, programmable array logic components, or any other device or devices that may be configured to process electronic signals. It will further be appreciated that a realization of the processes or devices described above may include computer-executable code created using a structured programming language such as C, an object oriented programming language such as C++, or any other high-level or low-level programming language (including assembly languages, hardware description languages, and database programming languages and technologies) that may be stored, compiled or interpreted to run on one of the above devices, as well as heterogeneous combinations of processors, processor architectures, or combinations of different hardware and software. In another aspect, the methods may be embodied in systems that perform the steps thereof, and may be distributed across devices in a number of ways. At the same time, processing may be distributed across devices such as the various systems described above, or all of the functionality may be integrated into a dedicated, standalone device or other hardware. In another aspect, means for performing the steps associated with the processes described above may include any of the hardware and/or software described above. All such permutations and combinations are intended to fall within the scope of the present disclosure.

Embodiments disclosed herein may include computer program products comprising computer-executable code or computer-usable code that, when executing on one or more computing devices, performs any and/or all of the steps thereof. The code may be stored in a non-transitory fashion in a computer memory, which may be a memory from which the program executes (such as random access memory associated with a processor), or a storage device such as a disk drive, flash memory or any other optical, electromagnetic, magnetic, infrared or other device or combination of devices. In another aspect, any of the systems and methods described above may be embodied in any suitable transmission or propagation medium carrying computer-executable code and/or any inputs or outputs from same.

It will be appreciated that the devices, systems, and methods described above are set forth by way of example and not of limitation. Absent an explicit indication to the contrary, the disclosed steps may be modified, supplemented, omitted, and/or re-ordered without departing from the scope of this disclosure. Numerous variations, additions, omissions, and other modifications will be apparent to one of ordinary skill in the art. In addition, the order or presentation of method steps in the description and drawings above is not intended to require this order of performing the recited steps unless a particular order is expressly required or otherwise clear from the context.

The method steps of the implementations described herein are intended to include any suitable method of causing such method steps to be performed, consistent with the patentability of the following claims, unless a different meaning is expressly provided or otherwise clear from the context. So for example performing the step of X includes any suitable method for causing another party such as a remote user, a remote processing resource (e.g., a server or cloud computer) or a machine to perform the step of X. Similarly, performing steps X, Y and Z may include any method of directing or controlling any combination of such other individuals or resources to perform steps X, Y and Z to obtain the benefit of such steps. Thus method steps of the implementations described herein are intended to include any suitable method of causing one or more other parties or entities to perform the steps, consistent with the patentability of the following claims, unless a different meaning is expressly provided or otherwise clear from the context. Such parties or entities need not be under the direction or control of any other party or entity, and need not be located within a particular jurisdiction.

It should further be appreciated that the methods above are provided by way of example. Absent an explicit indication to the contrary, the disclosed steps may be modified, supplemented, omitted, and/or re-ordered without departing from the scope of this disclosure.

It will be appreciated that the methods and systems described above are set forth by way of example and not of limitation. Numerous variations, additions, omissions, and other modifications will be apparent to one of ordinary skill in the art. In addition, the order or presentation of method steps in the description and drawings above is not intended to require this order of performing the recited steps unless a particular order is expressly required or otherwise clear from the context. Thus, while particular embodiments have been shown and described, it will be apparent to those skilled in the art that various changes and modifications in form and details may be made therein without departing from the spirit and scope of this disclosure and are intended to form a part of the disclosure as defined by the following claims, which are to be interpreted in the broadest sense allowable by law. 

What is claimed is:
 1. A method of providing attestation of personal identification information of a user by an attestor, comprising: receiving, by a first device, personal identification information of a user and a public key generated for the information; applying, by the first device, a first hash function to the personal identification information of the user to create a first hash result; combining, by the first device, the first hash result with the public key to generate a public attest key; applying, by the first device, a second hash function to the public attest key to generate a first attestation address within a centralized or distributed ledger; communicating, by the first device, a signed transaction comprising a non-zero value to the centralized or distributed ledger for storage at the first attestation address, the presence of the non-zero value associated with the first attestation address within the centralized or distributed ledger indicating that the personal identification information of the user is valid; receiving, by the first device, revised personal identification information of the user; and responsive to receipt of the revised personal identification information of the user: applying, by the first device, the first hash function to the revised personal identification information of the user to create a second hash result, combining, by the first device, the second hash result with the public key to generate a second public attest key, applying, by the first device, the second hash function to the public attest key to generate a second attestation address within the centralized or distributed ledger, and communicating, by the first device, a second signed transaction transferring the non-zero value from the first attestation address to the second attestation address.
 2. The method of claim 1, wherein elliptic curve addition is used to combine the first hash result with the public key generated for the information to generate the public attest key.
 3. The method of claim 1, wherein combining the first hash result with the public key generated for the information comprises using the first hash result as an offset and using the public key generated for the information to generate the public attest key.
 4. The method of claim 3, wherein using the first hash result as an offset and using the public key generated for the information to generate the public attest key is compliant with the Bitcoin Improvement Protocol BIP32 standard for hierarchical deterministic wallets.
 5. The method of claim 1, wherein generating the attestation address comprises combining two or more public keys of potential signers utilizing a multi-signature script which implements the Pay to Script Hash (P2SH) function.
 6. The method of claim 5, wherein one of the public keys of potential signers is the public attest key.
 7. The method of claim 5, wherein one of the public keys of potential signers is one of a public key of a wallet provider, a public key of the attestor, and a recovery public key of a user.
 8. The method of claim 1, wherein the second hash function comprises the P2PKH (Pay to PubKey Hash) algorithm.
 9. The method of claim 1, wherein generating the attestation address-further comprises generating a redeem script using public keys of multiple signatories, serializing the redeem script to create a serialized output, applying a third hash function to the serialized output to create a second hash result, and applying a fourth hash function to the second hash result.
 10. The method of claim 9, wherein the third hash function comprises the SHA256 (Secure Hash algorithm), and the fourth hash function comprises the RIPEMD160 (RACE Integrity Primitives Evaluation Message Digest) algorithm.
 11. The method of claim 1, wherein the centralized or distributed ledger is the bitcoin blockchain.
 12. The method of claim 1, wherein the absence of the non-zero value associated with the first attestation address indicates that the personal identification information of the user is invalid, and the presence of the non-zero value associated with the second attestation address indicates that the revised personal identification information of the user is valid.
 13. A system for providing attestation of personal identification information of a user by an attestor, the system communicating a transaction to a centralized or distributed ledger including a data file, the system comprising: a device comprising a processor circuit and a network interface in communication with at least one additional device managing a centralized or distributed ledger; wherein the processor circuit is configured to: receive personal identification information of a user and a public key generated for the information, apply a first hash function to the personal identification information of the user to create a first hash result, combine the first hash result with the public key to generate a public attest key, and apply a second hash function to the public attest key to generate a first attestation address within the centralized or distributed ledger; wherein the network interface is configured to: communicate, via the network interface, a signed transaction comprising a non-zero value to the at least one additional device for storage at the first attestation address within the centralized or distributed ledger, the presence of the non-zero value associated with the first attestation address within the centralized or distributed ledger indicating that the personal identification information of the user is valid, and receive revised personal identification information of the user; and wherein the processor is further configured to, responsive to receipt of the revised personal identification information of the user: apply the first hash function to the revised personal identification information of the user to create a second hash result, combine the second hash result with the public key to generate a second public attest key, apply the second hash function to the public attest key to generate a second attestation address within the centralized or distributed ledger, and communicate, via the network interface, a second signed transaction transferring the non-zero value from the first attestation address to the second attestation address.
 14. The system of claim 13, wherein the processor is further configured to combine the first hash result with the public key generated for the information to generate the public attest key using elliptic curve addition.
 15. The system of claim 13, wherein the processor is further configured to generate the public attest key using the first hash result as an offset with the public key.
 16. The system of claim 13, wherein the processor is further configured to combine two or more public keys of potential signers utilizing a multi-signature script which implements the Pay to Script Hash (P2SH) function to generate the attestation address.
 17. The system of claim 16, wherein one of the public keys of potential signers is one of the public attest key, a public key of a wallet provider, a public key of the attestor, and a recovery public key of a user.
 18. The system of claim 13, wherein the processor is further configured to generate a redeem script using the public keys of the multiple signatories, serialize the redeem script to create a serialized output, apply a third hash function to the serialized output to create a second hash result, and apply a fourth hash function to the second hash result to generate the attestation address.
 19. The system of claim 18, wherein the third hash function comprises the SHA256 algorithm, and the fourth hash function comprises the RIPEMD160 (RACE Integrity Primitives Evaluation Message Digest) algorithm. 